Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-29MandiantTyler McLellan, Brandan Schondorfer
@online{mclellan:20211129:kittengif:efb8036, author = {Tyler McLellan and Brandan Schondorfer}, title = {{Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again}}, date = {2021-11-29}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/sabbath-ransomware-affiliate}, language = {English}, urldate = {2021-11-30} } Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike
2021-11-21Twitter (@tylabs)Tyler McLellan, Twitter (@ffforward)
@online{mclellan:20211121:twitter:018d4b1, author = {Tyler McLellan and Twitter (@ffforward)}, title = {{Twitter Thread about UNC1500 phishing using QAKBOT}}, date = {2021-11-21}, organization = {Twitter (@tylabs)}, url = {https://twitter.com/tylabs/status/1462195377277476871}, language = {English}, urldate = {2021-11-29} } Twitter Thread about UNC1500 phishing using QAKBOT
QakBot
2021-06-16MandiantTyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce
@online{mclellan:20210616:smoking:a03a78c, author = {Tyler McLellan and Robert Dean and Justin Moore and Nick Harbour and Mike Hunhoff and Jared Wilson and Jordan Nuce}, title = {{Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise}}, date = {2021-06-16}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/darkside-affiliate-supply-chain-software-compromise}, language = {English}, urldate = {2021-12-01} } Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike SMOKEDHAM
2021-06-16FireEyeTyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson
@online{mclellan:20210616:smoking:fa6559d, author = {Tyler McLellan and Robert Dean and Justin Moore and Nick Harbour and Mike Hunhoff and Jared Wilson}, title = {{Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise}}, date = {2021-06-16}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/06/darkside-affiliate-supply-chain-software-compromise.html}, language = {English}, urldate = {2021-12-01} } Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike SMOKEDHAM
2021-04-29FireEyeTyler McLellan, Justin Moore, Raymond Leong
@online{mclellan:20210429:unc2447:2ad0d96, author = {Tyler McLellan and Justin Moore and Raymond Leong}, title = {{UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat}}, date = {2021-04-29}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html}, language = {English}, urldate = {2021-09-09} } UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
FiveHands HelloKitty